From 1881b54692b67885deffce62a21e77d098558b89 Mon Sep 17 00:00:00 2001 From: xinian Date: Wed, 28 Jan 2026 12:15:35 +0800 Subject: [PATCH] =?UTF-8?q?=E7=BC=96=E8=BE=91=E6=96=87=E4=BB=B6=20my-first?= =?UTF-8?q?-workflow.yaml?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .woodpecker/my-first-workflow.yaml | 232 ++++++++--------------------- 1 file changed, 62 insertions(+), 170 deletions(-) diff --git a/.woodpecker/my-first-workflow.yaml b/.woodpecker/my-first-workflow.yaml index d489c9347..c27b5eff9 100644 --- a/.woodpecker/my-first-workflow.yaml +++ b/.woodpecker/my-first-workflow.yaml @@ -5,183 +5,75 @@ when: - manual branch: main -skip_clone: true # 关闭默认clone,手动拉取代码 +skip_clone: true -# 流水线核心步骤:修复所有模板括号缺失问题 + +# 全局配置变量(替换占位符即可使用) +variables: + SCREEN_NAME: "logic_service" + REMOTE_EXE_DIR: "/opt/logic" + JSON_CONFIG_URL: "https://你的JSON配置地址.com/deploy.json" + LOG_PATH: "$HOME/run.log" + +# 流水线核心步骤:理顺依赖链,确保各步骤依赖正确 steps: - # ========== 0. 变量验证(提前检查关键变量) ========== - - name: validate env vars - image: alpine:latest - commands: - - | - # 检查核心部署变量是否配置 - REQUIRED_VARS=("LOGIN_SERVER_HOST" "LOGIN_SERVER_USER" "LOGIN_SERVER_PASSWORD") - for var in "${REQUIRED_VARS[@]}"; do - if [ -z "${!var}" ]; then - echo "❌ 错误:未配置变量 $var,请在Woodpecker项目设置中补充" - exit 1 - fi - done - # 给可选变量设置默认值 - export LOGIN_SERVER_PORT=${LOGIN_SERVER_PORT:-22} - # 打印变量(调试用) - echo "✅ 变量验证通过:" - echo "LOGIN_SERVER_HOST: ${LOGIN_SERVER_HOST}" - echo "LOGIN_SERVER_USER: ${LOGIN_SERVER_USER}" - echo "LOGIN_SERVER_PORT: ${LOGIN_SERVER_PORT}" - # 写入CI_ENV_FILE供后续步骤使用 - echo "LOGIN_SERVER_HOST=${LOGIN_SERVER_HOST}" >> "${CI_ENV_FILE}" - echo "LOGIN_SERVER_USER=${LOGIN_SERVER_USER}" >> "${CI_ENV_FILE}" - echo "LOGIN_SERVER_PASSWORD=${LOGIN_SERVER_PASSWORD}" >> "${CI_ENV_FILE}" - echo "LOGIN_SERVER_PORT=${LOGIN_SERVER_PORT}" >> "${CI_ENV_FILE}" + # ========== 0. 同步代码到GitHub(与prepare并行执行) ========== + sync-to-github: + image: tencentcom/git-sync + settings: + target_url: https://github.com/72wo/blazing.git + auth_type: https + username: ${GIT_USERNAME} + password: ${GIT_ACCESS_TOKEN} + when: + event: + - push + branch: + - main - # ========== 1. 替代clone:拉取代码 ========== - - name: prepare + # ========== 1. 替代clone:拉取代码(核心依赖) ========== + prepare: image: debian:bookworm - depends_on: [validate env vars] + environment: + WOODPECKER_SSH_KEY: + from_secret: WOODPECKER_SSH_KEY commands: - - export GIT_CONFIG_URL="https://cnb:${CNB_ACCK}@cnb.cool/blzing/blazing" + # 调试:验证变量是否传递 + - echo "🔍 调试:WOODPECKER_SSH_KEY变量长度 = ${#WOODPECKER_SSH_KEY}" + - echo "🔍 调试:当前环境变量列表(筛选SSH相关)" + - env | grep -i ssh || echo "⚠️ 无SSH相关环境变量" + + # 系统初始化 - apt update -y - apt install -y --no-install-recommends ca-certificates curl git openssh-client openssl libssl-dev - - git clone --depth 1 --progress -v ${GIT_CONFIG_URL} blazing-project - - cd blazing-project - - echo "✅ 代码拉取完成,当前目录:$(pwd)" - - # ========== 2. 生成版本号 ========== - - name: set version - image: golang:1.23 - depends_on: [prepare] - commands: - - cd blazing-project - - VERSION="v$(git rev-parse --short=8 HEAD 2>/dev/null || echo "unknown")" - - mkdir -p .build-info - - echo "BUILD_VERSION=${VERSION}" >> .build-info/.env - - echo "构建版本号:${VERSION}" - - # ========== 3. 缓存Go依赖 ========== - - name: cache go modules - image: meltwater/drone-cache:latest - depends_on: [prepare] - settings: - restore: true - mount: - - /go/pkg/mod - - /root/.cache/go-build - # 关键:检查此处{{ }}完全闭合,无缺失 - cache_key: '{{ .Repo.Name }}-{{ .Commit.Branch }}-{{ checksum "blazing-project/go.mod" }}-{{ checksum "blazing-project/login/go.mod" }}' - - # ========== 4. 编译Logic和Login服务 ========== - - name: build - image: golang:1.25 - environment: - CGO_ENABLED: 0 - GO111MODULE: on - GOSUMDB: off - depends_on: - - cache go modules - - set version - commands: - - cd blazing-project - - . .build-info/.env - - mkdir -p build + + # 清理旧SSH文件,严格配置权限 + - rm -rf /root/.ssh/* + - mkdir -p /root/.ssh && chmod 700 /root/.ssh + - DEPLOY_KEY_FILE="$HOME/.ssh/deploy_key" + + # 关键修复:SSH密钥写入(EOF内无缩进) - | - # 编译Logic服务 - BIN_NAME="logic_${BUILD_VERSION}" - go mod download -x - go build -v -trimpath -buildvcs=false -ldflags "-s -w -buildid= -extldflags '-static'" -o ./build/${BIN_NAME} ./logic - chmod +x ./build/${BIN_NAME} - ls -lh ./build/${BIN_NAME} - # 编译Login服务 - cd login - BIN_NAME="login_${BUILD_VERSION}" - go mod download -x - go build -v -trimpath -buildvcs=false -ldflags "-s -w -buildid= -extldflags '-static'" -o ./build/${BIN_NAME} . - chmod +x ./build/${BIN_NAME} - ls -lh ./build/${BIN_NAME} - mv ./build/${BIN_NAME} ../build/ - cd .. - ls -lh ./build/ - - echo "LOGIC_BIN=logic_${BUILD_VERSION}" >> "${CI_ENV_FILE}" - - echo "LOGIN_BIN=login_${BUILD_VERSION}" >> "${CI_ENV_FILE}" + cat > /root/.ssh/id_ed25519 << EOF + $WOODPECKER_SSH_KEY + EOF + chmod 600 /root/.ssh/id_ed25519 + echo "✅ ED25519密钥写入完成" - # ========== 5. 重建缓存 ========== - - name: rebuild cache - image: meltwater/drone-cache:latest - depends_on: [build] - settings: - rebuild: true - mount: - - /go/pkg/mod - - /root/.cache/go-build - # 关键:检查{{ }}完全闭合 - cache_key: '{{ .Repo.Name }}-{{ .Commit.Branch }}-{{ checksum "blazing-project/go.mod" }}-{{ checksum "blazing-project/login/go.mod" }}' - - # ========== 6. SCP推送产物(检查所有{{ }}闭合) ========== - - name: deploy to login server - image: appleboy/drone-scp:1.6.2 - imports: https://cnb.cool/blzing/key/-/blob/main/githubkey.yml - depends_on: [rebuild cache] - settings: - host: {{ .LOGIN_SERVER_HOST }} - username: {{ .LOGIN_SERVER_USER }} - password: {{ .LOGIN_SERVER_PASSWORD }} - port: {{ .LOGIN_SERVER_PORT }} - source: - - ./blazing-project/build/login_* - - ./blazing-project/build/logic_* - target: /opt/login/ - strip_components: 2 - skip_verify: true - timeout: 30s - - # ========== 7. SSH启动服务(检查所有{{ }}闭合) ========== - - name: start login and move logic - image: appleboy/drone-ssh:1.6.2 - imports: https://cnb.cool/blzing/key/-/blob/main/githubkey.yml - depends_on: [deploy to login server] - settings: - host: {{ .LOGIN_SERVER_HOST }} - username: {{ .LOGIN_SERVER_USER }} - password: {{ .LOGIN_SERVER_PASSWORD }} - port: {{ .LOGIN_SERVER_PORT }} - script: - - | - cd /opt/login - BIN_NAME=$(ls -t login_v* 2>/dev/null | head -1) - echo "BIN_NAME: $BIN_NAME" - if [ -z "$BIN_NAME" ]; then - echo "❌ 未找到可执行的login文件" - exit 1 - fi - echo "📦 启动Login服务 | Binary: $BIN_NAME" - # 停止旧的screen会话 - session_name="login" - session=$(screen -ls 2>/dev/null | grep -o "[0-9]*\.${session_name}" || true) - if [[ ! -z "$session" ]]; then - screen -X -S "$session_name" stuff "^C" - expect -c "exec screen -x ${session_name}; wait; exit" 2>/dev/null || true - screen -X -S "$session_name" quit 2>/dev/null || true - echo "Info: Stopped login app." - fi - sleep 1 - # 启动新进程 - screen -dmS ${session_name} ./${BIN_NAME} - echo "✅ Login服务启动成功 | Screen: ${session_name}" - # 健康检查 - sleep 3 - if screen -list 2>/dev/null | grep -q "${session_name}"; then - echo "✅ 服务健康检查通过 | Screen: ${session_name}" - else - echo "❌ 服务健康检查失败 | Screen: ${session_name} 不存在" - exit 1 - fi - # 移动logic产物 - LOGIC_BIN=$(ls -t logic_v* 2>/dev/null | head -1) - if [ -n "$LOGIC_BIN" ]; then - mkdir -p /opt/login/public - mv $LOGIC_BIN /opt/login/public/ - echo "✅ Logic产物已移动到 /opt/login/public/ | 文件: $(basename $LOGIC_BIN)" - else - echo "⚠ 未找到Logic产物" - fi + + # 添加GitHub主机密钥 + - SSH_KNOWN_HOSTS_FILE="$HOME/.ssh/known_hosts" + - ssh-keyscan -H github.com > /root/.ssh/known_hosts + - chmod 600 /root/.ssh/known_hosts + + + + + - echo "🔍 ${#CI_REPO_CLONE_SSH_URL}调试: ${CI_REPO_CLONE_SSH_URL}" + - git config --global core.compression 0 + - export GIT_CONFIG_URL="https://cnb:${CNB_ACCK}@cnb.cool/blzing/blazing" + - git clone --depth 1 --progress -v ${GIT_CONFIG_URL} + # 拉取代码 + + - echo "✅ 代码拉取完成" \ No newline at end of file